risepro | a7f095e49a35dd1f037ed9309d33e2b346bd750b612912aa7673cbbab609aebb | Triage

Submit
Reports

Overview

overview

Static

static

7

file.exe

windows7-x64

7

file.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

file.exe
Size

5.4MB
Sample

240315-rt6ahach77
MD5

60f5b5a5420f6581e3f48a9438cb5c55
SHA1

67431beaa088af3274bb161da2e8f1e2fb8f4ffb
SHA256

a7f095e49a35dd1f037ed9309d33e2b346bd750b612912aa7673cbbab609aebb
SHA512

6ead66070e0025a02c0aeb581bae6da7007dd668cca1a3dbce9b8cfc5e3a7ef99fe29ae3469b412970c002d4cdd318a278566f6d4446748ca2d3438445427abf
SSDEEP

98304:JRtYDvYgAi2FIV2Yf6HTTRep72QRsiFoXBc3N8RXfM4LqFG9:JYGjT1e12QqWN+fDB9

Score

10^/10

risepro stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

file.exe

Resource

win7-20240221-en

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

file.exe

Resource

win10v2004-20240226-en

risepro stealer

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Extracted

Family

risepro

C2

193.233.132.49:50500

Targets

- Target
  
  file.exe
- Size
  
  5.4MB
- MD5
  
  60f5b5a5420f6581e3f48a9438cb5c55
- SHA1
  
  67431beaa088af3274bb161da2e8f1e2fb8f4ffb
- SHA256
  
  a7f095e49a35dd1f037ed9309d33e2b346bd750b612912aa7673cbbab609aebb
- SHA512
  
  6ead66070e0025a02c0aeb581bae6da7007dd668cca1a3dbce9b8cfc5e3a7ef99fe29ae3469b412970c002d4cdd318a278566f6d4446748ca2d3438445427abf
- SSDEEP
  
  98304:JRtYDvYgAi2FIV2Yf6HTTRep72QRsiFoXBc3N8RXfM4LqFG9:JYGjT1e12QqWN+fDB9
Score

10^/10

risepro stealer
- RisePro
  RisePro stealer is an infostealer distributed by PrivateLoader.
  stealer risepro
- .NET Reactor proctector
  Detects an executable protected by an unregistered version of Eziriz's .NET Reactor.
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy